Having issues configuring Azure AD OIDC in Apache 2.4 with mod_auth_openidc #728
raghunath1986 asked this question in Q&A (unanswered).
I think it may help to separate out the callback URI so it is not inside the ProxyPass area
I have an application with workflow as
Apache2 (with mod_auth_openidc to Azure AD) --> Tomcat --> APEX.
The Oracle APEX application expects the HTTP header variable "APP_REMOTE_USER" to authorize the user and present the corresponding home page (admin/user).
I created a custom claim in Azure AD with APP_REMOTE_USER and expect it to be passed as an HTTP header to Tomcat, followed by the Oracle APEX application. Apache and Tomcat are running on the same server as a Kubernetes Pod, and Oracle APEX will run on a separate server.
Configured the below configuration and
```apache
<VirtualHost *:443>
    ServerName myapp.example.com
    ServerName localhost
    ServerAlias localhost
    OIDCProviderMetadataURL https://login.microsoftonline.com//v2.0/.well-known/openid-configuration
    OIDCClientID XXX
    OIDCClientSecret XXX
    OIDCRedirectURI https:///ords/apex_authentication.callback
    OIDCCryptoPassphrase xxxxx
    OIDCScope "openid profile user.read email"
    ProxyPass /ords http://localhost:8080/ords
    ProxyPassReverse /ords http://localhost:8080/ords
```
Browser Error:
=============
Invalid Request
Description:
The OpenID Connect callback URL received an invalid request
Apache Error:
```
[Mon Nov 08 05:55:27.260915 2021] [auth_openidc:debug] [pid 46:tid 139882079209216] src/util.c(1029): [client 10.42.3.0:40356] oidc_util_get_cookie: returning "mod_auth_openidc_session" = "44925f6b-4b53-42de-9a81-d0c9d62e1e13"
[Mon Nov 08 05:55:27.260921 2021] [auth_openidc:debug] [pid 46:tid 139882079209216] src/cache/common.c(569): [client 10.42.3.0:40356] oidc_cache_get: enter: 44925f6b-4b53-42de-9a81-d0c9d62e1e13 (section=s, decrypt=0, type=shm)
[Mon Nov 08 05:55:27.260940 2021] [auth_openidc:debug] [pid 46:tid 139882079209216] src/cache/common.c(603): [client 10.42.3.0:40356] oidc_cache_get: cache hit: return 5767 bytes from shm cache backend for key 44925f6b-4b53-42de-9a81-d0c9d62e1e13
[Mon Nov 08 05:55:27.261138 2021] [auth_openidc:debug] [pid 46:tid 139882079209216] src/util.c(1181): [client 10.42.3.0:40356] oidc_util_request_matches_url: comparing "/ords/apex_authentication.callback"=="/ords/apex_authentication.callback"
[Mon Nov 08 05:55:27.261162 2021] [auth_openidc:error] [pid 46:tid 139882079209216] [client 10.42.3.0:40356] oidc_handle_redirect_uri_request: The OpenID Connect callback URL received an invalid request: p_session_id=7330291222329&p_app_id=103&p_ajax_identifier=tYu4mllhmSusf3BTNzGUMJJYig974RRH9V_-PoBX9Bk&p_page_id=2; returning HTTP_INTERNAL_SERVER_ERROR
```
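The reply's suggestion written out as a configuration, added here as an example and not taken from the thread or from the mod_auth_openidc project. In the log above, a request carrying APEX's own parameters (`p_session_id`, `p_app_id`, ...) matches the configured `OIDCRedirectURI` path and is rejected by the module's callback handler; moving the callback to a path that serves no content and is not proxied avoids that collision. Assumptions: the path `/oidc/callback`, the `TENANT_ID_PLACEHOLDER` value, the use of `myapp.example.com` as the callback host, and the `<Location>` blocks, none of which appear in the original post.

```apache
<VirtualHost *:443>
    ServerName myapp.example.com

    # TENANT_ID_PLACEHOLDER is a placeholder; the tenant is elided in the original post.
    OIDCProviderMetadataURL https://login.microsoftonline.com/TENANT_ID_PLACEHOLDER/v2.0/.well-known/openid-configuration
    OIDCClientID XXX
    OIDCClientSecret XXX
    OIDCCryptoPassphrase xxxxx
    OIDCScope "openid profile user.read email"

    # Before (from the post): the callback is a real APEX URL under /ords,
    # so application requests to it are handled as OIDC callbacks and fail.
    #   OIDCRedirectURI https:///ords/apex_authentication.callback

    # After: a vanity URL (assumed path) that maps to no content and sits
    # outside the ProxyPass prefix. The same URI has to be registered as a
    # redirect URI on the Azure AD app registration.
    OIDCRedirectURI https://myapp.example.com/oidc/callback

    # The callback path must be protected by the module so it can process
    # the authorization response there.
    <Location /oidc/callback>
        AuthType openid-connect
        Require valid-user
    </Location>

    # Application area (assumed protection block): everything proxied to
    # Tomcat requires an authenticated session.
    <Location /ords>
        AuthType openid-connect
        Require valid-user
    </Location>

    # Only /ords is proxied; /oidc/callback never reaches Tomcat or APEX.
    ProxyPass /ords http://localhost:8080/ords
    ProxyPassReverse /ords http://localhost:8080/ords
</VirtualHost>
```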